WEP security, currently a part of the 802.11 standard, does a decent job of maintaining security of a Wireless LAN against the general public. However, there are some decent hackers out there who have the ability to crack even a WEP protected WLAN.

WEP really only provides a method for authenticating radios to access points, but not access points to radio NICs. As a result of this one-way authentication, a hacker is able to 'trick' the network in a variety of ways to gain access, or snoop on data traversing the network.

802.11i will address this problem, when ratified by the IEEE, by implementing a two-way "mutual" authentication mechanism.

802.11i is expected to solve this problem at two levels. Firstly, using TKIP ("Temporal Key Integrity Protocol", aka WEP2), which ensures each station on the network has its own unique key, and the key changes shape on a dynamic basis. While TKIP is better than WEP, it still has flaws, and hense is considered a temporary solution to the problem.

Along with TKIP, which will use RC4 encryption, the 802.11i standard is expected to also include the AES ("Advanced Encryption Standard") protocol, which provides much stronger encryption of packets. The use of AES may not be adopted, as it requires a decent processor to crunch the numbers at a decent speed, and this comes at a price.

802.11i is still in the drafting stage, and as such this information is subject to change. 802.11i support is expected to appear in products by early 2003. The 802.11i task group's progress can be monitored on the IEEE website.